This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 52%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERB%3C/text%3E%3C/svg%3E)
I receive the following error when trying to enable Azure Security Defaults:
"It looks like you have Identity Protection policies enabled. Enabling Identity Protection policies prevents you from enabling Security defaults."
I have disabled MFA for all users
I did use a P1 licence trial but have removed this from the Tenancy.
I'm trying to block Legacy Authentication whilst using Azure AD Basic.
Any help would me most appreciated. Cheers, Rob.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 2%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hello @Rob Brien , I wanted to follow up with you to check if the below response helped you in answering your query or not. Do let us know if there are any more queries around this so that we can help you further. However, if the above response has helped in answering your query, I would request you to please accept that response as Answer so that it helps others visiting the community with similar queries.
Hi, do you still require assistance? If not, please mark the answer as verified.
Thank you,
James
Hello @Rob Brien , thank you for reaching out. You won't be able to enable Azure Security Defaults alongside Azure Identity Protection. Unfortunately, it's not documented and I am working on that to get that documented soon in or public docs.
You can disable policies configured under Azure Identity Protection if you want to implement Azure Security Defaults. Or if your idea is just to disable Legacy Auth, you can also go ahead and configure Conditional Access Policy to achieve the same. You can find more details on disabling Legacy Auth using CA Policy here: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/block-legacy-authentication
Note: Make sure you have an Azure AD Premium License with you in order to configure/use the CA policies.
Summary, to disable legacy auth, you can either use Azure Security defaults or Conditional Access Policies, but both cannot be configured together. Secondly, with Azure Identity Protection Enabled, you cannot enable Azure Security Defaults.
Hope this helps.
Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as an Answer; if the above response helped in answering your query.